Beginner Fundamentals Updated on Jun 25, 2025

Enabling SSL and HTTPS

HTTPS encrypts traffic between the browser and the server. Apache provides this through the mod_ssl module and an SSL certificate.

Enable the Module

sudo a2enmod ssl
sudo systemctl restart apache2

An HTTPS Virtual Host

<VirtualHost *:443>
    ServerName example.com
    DocumentRoot /var/www/example

    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/example.crt
    SSLCertificateKeyFile /etc/ssl/private/example.key
</VirtualHost>

SSLEngine on: turn on encryption for this host.
SSLCertificateFile: the public certificate.
SSLCertificateKeyFile: the matching private key.

Make Sure Port 443 Is Open

Listen 443

Redirect HTTP to HTTPS

Send plain visitors to the secure version:

<VirtualHost *:80>
    ServerName example.com
    Redirect permanent / https://example.com/
</VirtualHost>

Apply Changes

sudo apache2ctl configtest
sudo systemctl reload apache2

For real sites, get a free trusted certificate from Let’s Encrypt instead of a self-signed one.